PROBLEM
Lack of visibility and understanding of Databricks consumption across the organisaion, leading to spiralling Databricks costs.
SOLUTION
A unified solution providing capability to:
-
visualise Databricks consumption and cost at the most granular level
-
identify cost saving opportunities
-
accurately budget and forecast consumption and spend
-
catch silent "cost-creepers" and anomalies - no more bill shock
OUTCOMES
-
40% reduction in Alinta Energy's Databricks spend
PROBLEM
Furō partnered with Accident Compensation Corporation New Zealand (ACC NZ) to develop custom GitHub Actions, replacing SonarQube and boosting the use of GitHub Advanced Security.
SOLUTION
By harnessing GitHub's platform and security features, we enhanced ACC NZ’s software security and streamlined their developer workflows.
OUTCOMES
35% Cost Savings and 50% Reduction in Time-To-Market
INDUSTRY
Government
LOCATION
New Zealand
SERVICES
Development of custom GitHub Actions
TECHNOLOGIES
GitHub Actions
'Finalist in the GitHub Partners of the Year Awards in APAC Security'
The Customer
The Accident Compensation Corporation (ACC) is a Crown entity of the New Zealand government that provides comprehensive, no-fault personal injury coverage for all residents and visitors to New Zealand. As one of the country's largest public organizations, ACC plays a vital role in supporting people’s recovery from injury, funding treatment and rehabilitation, and helping prevent injuries across workplaces, roads, and communities. With a focus on innovation, efficiency, and equity in public service delivery, ACC NZ continues to modernise its technology stack to deliver better outcomes for the people it serves.
The Challenge
ACC NZ faced the challenge of moving from SonarQube, which they used for static code analysis on Java projects, to a unified GitHub platform.
Recreate SonarQube’s Capabilities
Replacing SonarQube’s features with equivalent GitHub checks.
Expanding Github Advanced Security
Extending GitHub Advanced Security across their large repository network.
Embedding Security Insights
Embedding actionable security insights into developer workflows.
The goal was to simplify DevSecOps practices and enhance security reporting for their CISO group.
Solution / Approach
Furō provided a comprehensive solution by leveraging GitHub’s native functionalities and the GitHub Actions platform. Our approach ensured a smooth transition from SonarQube while unlocking advanced security capabilities.
Key components of the solution included:
GitHub Actions
Automated workflows and CI/CD pipelines to streamline development processes.
GitHub Advanced Security SARIF File Import
Enhanced security insights and code analysis capabilities.
Accelerated training
Training sessions to empower ACC NZ’s teams to develop their own GitHub Action
Outcomes Delivered
With the implementation of GitHub Actions and the expertise provided by Furō, ACC NZ has enhanced their development and security practices.
The following metrics showcase the impact of this advancement, reflecting improvements in tool consolidation, repository security, code pattern detection, and overall developer experience.
35% Cost Savings
Increase in the number of repositories actively utilising GitHub Advanced Security. This broader adoption enhanced overall security coverage and ensured more comprehensive protection across their codebase.
50% Reduction in Time-To-Market
The new GitHub Action identified custom code patterns, significantly improving the detection of potential security
issues and code vulnerabilities. This advanced detection capability enabled more precise and proactive management of code quality.
Finalist in the 2024 GitHub Partners of the Year Award - Apac Region
A remarkable 35% boost in GitHub Advanced Security Adoption
"You guys have set the bar pretty high for the IT team now."
-- Alinta Energy - Data Governance Manager